Update on Morfeus Fucking Scanner
05/25/07

In one of my earlier blogs, I commented that I was seeing a strange user agent in my stats. This user agent went by the name of 'Morfeus Fucking Scanner'. This name obviously caught my eye. I seriously doubt a legitimate user agent would be called that. In that blog, I asked if anyone had any information on it. I got several replies, which you can see in the comments on that blog.

It turns out that Morfeus is a scanner that looks for vulnerabilities in PHP-based web sites (as this one is). I guess it failed to find any vulnerabilities in my blogging software because I haven't noticed any problems, or additional files or anything.

One commenter, by the name of Haans Gruber, even provided a solution to prevent it. Interesting name there, Haans: either it's a coincidence or he's a big fan of the Die Hard movies... Haans Gruber was the name of the main villain in the first Die Hard movie.

Anyway, the solution he provided was to add the following code to your web site's '.htaccess' file. Note that this change will only work for Apache-based web servers. If you are running IIS, I'm sure there is a similar way to do it, but you are on your own. Here's the fix:
# Start of .htaccess change.
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^Morfeus
RewriteRule ^.*$ - [F]
# End of .htaccess change.
I've added this fix to my site's .htaccess file. Let's see if it helps. Thanks Haans!
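
To see whether the rule is helping, the example below (added here, not part of the original post or of Haans' comment) reads Apache access log lines, applies the same anchored '^Morfeus' match as the RewriteCond, and lists any matching request that was not answered with 403. It assumes the server logs in the 'combined' format; the log lines are constructed samples.

```python
import re
from collections import Counter

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Same anchored, case-sensitive pattern as the RewriteCond in the .htaccess fix.
BLOCKED_AGENT = re.compile(r'^Morfeus')

# Constructed sample lines (documentation IP ranges), not taken from a real log.
SAMPLE_LOG = """\
192.0.2.10 - - [24/May/2007:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Morfeus Fucking Scanner"
192.0.2.10 - - [26/May/2007:03:15:40 +0000] "GET /index.php HTTP/1.1" 403 209 "-" "Morfeus Fucking Scanner"
198.51.100.7 - - [26/May/2007:03:16:01 +0000] "GET / HTTP/1.1" 200 8033 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1)"
198.51.100.9 - - [26/May/2007:03:17:12 +0000] "GET / HTTP/1.1" 200 8033 "-" "Mozilla/5.0 Morfeus"
not a log line
"""

def audit(lines):
    """Return (status counts for Morfeus requests, Morfeus requests not answered with 403)."""
    by_status = Counter()
    not_blocked = []
    for line in lines:
        m = COMBINED.match(line.strip())
        if not m:  # skip blank or malformed lines
            continue
        if BLOCKED_AGENT.search(m["agent"]):
            by_status[m["status"]] += 1
            if m["status"] != "403":
                not_blocked.append((m["time"], m["host"], m["request"]))
    return by_status, not_blocked

if __name__ == "__main__":
    counts, leaks = audit(SAMPLE_LOG.splitlines())
    print("Morfeus requests by status:", dict(counts))
    for when, host, request in leaks:
        print(f"NOT BLOCKED  {when}  {host}  {request}")
```

Because the pattern is anchored, the last sample request (user agent 'Mozilla/5.0 Morfeus') is not counted, just as the RewriteCond would not match it. The User-Agent header is chosen by the client, so the rule and this check only cover scanners that announce themselves under that name.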